Business Continuity Management System (ISO 22301)
What is ISO 22301?
ISO 22301 is an international standard that specifies the requirements to establish, implement, maintain and continually improve a Business Continuity Management System (BCMS) to protect against, reduce the likelihood of the occurrence of, prepare for, respond to and recover from disruptions when they arise.
The purpose of a BCMS is to prepare for, provide and maintain controls and capabilities for managing an organization’s overall ability to continue to operate during disruptions.
Who should implement ISO 22301?
The requirements specified in this standard are generic and intended to be applicable to all organizations, or parts thereof, regardless of type, size and nature of the organization. The extent of application of these requirements depends on the organization’s operating environment and complexity.
This document is applicable to all types and sizes of organizations that:
- Implement, maintain and improve a BCMS
- Seek to ensure conformity with stated business continuity policy
- Need to be able to continue to deliver products and services at an acceptable predefined capacity during a disruption
- Seek to enhance their resilience through the effective application of the BCMS
This standard can be used to assess an organization’s ability to meet its own business continuity needs and obligations.
What are the benefits of ISO 22301 Certification?
- Supports strategic objectives of an organization
- Creating a competitive advantage
- Protects and enhances the reputation and credibility of an organization
- Contributes to organizational resilience
- Reduces legal and financial exposure
- Reduces direct and indirect costs of disruptions
- Protects life, property and the environment
- Considers the expectations of interested parties and helps to meet those expectations
- Provides confidence in the organization’s ability to succeed
- Improves organizational capability to remain effective during disruptions
- Demonstrates proactive control of risks effectively and efficiently
- Addresses operational vulnerabilities